Graham Brown wrote:
>
> http://investor.nttdocomo.com/releases.cfm?page=index
>
> DoCoMo announced today that it has joined the Liberty Alliance
> with bedpals AOL, Sun and Nokia (amongst others).
> This effectively elbows MS out from the authentication game
> in seeking future partners for their Passport initiative.
>
FYI:
http://www.projectliberty.org
There are some heavy hitters in the Liberty Alliance including, but
not limited to:
Bank of America
Verisign
RSA Security
Oracle
Cisco
Nokia (probably including their paypal asset) and eBay
(and many others, some of whom don't want to be listed)
DoCoMo was a natural inclusion...
My primary difficult with the Liberty Alliance (beyond privacy/
security issues and Larry Ellison's habitual National ID Card
fear mongering) is that it is described as a "federation" and plans
to establish a "federated identity"... almost identity by consensus
if you will. Still, the key concept of federation is that power is
distributed between (but primarily surrendered to) a central
authority and a number of units with residual powers. I'm curious
who the "central authority" is going to be... or is the Alliance
just going to figure that out on their own? Oh, I see, it's the
"Liberty Alliance" and that is who? Whoever has the most money?
The most information? The strongest web of trust? Inquiring minds
want to know before they start giving up their personal info...
What I find curious about .NET compared to the LA is that one
seems to take itself far more seriously than the other. I mean
does anyone really think .NET is anything other than the next gen
microsoft sales pitch? Sure, .NET is an attempt by microsoft to
entrench itself, through the use of software, into an area where
they have typically failed miserably (service provision: MSN,
subscription software, WebTV, etc.), but I think Microsoft will
be just as successful in this area as they have always been...
and in the end, that's all the LA is as well... a sales pitch.
If we get a few standards out of it, great; however, it's primarily
motivated by the need to sell more units (and not necessarily
to solve real world problems... when .NET or the LA solves a
real world problem, someone send me an e-mail, Ok?).
The LA's pitch has been much more along the lines of "Join us and
spend your time and money making what may or may not be the future
in your image", while .NET's pitch seems to go along the lines of
"Buy and code with our software and we'll let you participation our
Big Game Plan(tm)". And still, what both efforts propose to do
is solve basic security problems (and I'm not even talking computer
or network security here). Given Microsoft's past performance
this is right out... Federations, in my option, always introduced
more security problems than the solve (in fact, on might argue that
the purpose of a Federation is to create security problems to chase).
Personally, I won't take either seriously until we start to see
things like some RFC reference implementations (.NET has succeeded
in sucking in more than a few open source/alternative platform RE
efforts), Verisign (they just acquired .cc)/other NICs/TLD owners
signing entire TLDs for use with Secure DNS, handsets that have
strong encryption mechanisms down to the last mile, biometric/smart
IDs in widespread national deployments and other signs that this
thing (be it .NET or the LA) is going to happen for real.
Received on Wed Dec 19 22:27:35 2001